Back to Top

Role of GDPR in Marketplaces

Updated 25 July 2023

With effect from May 2018, the role of GDPR has become very crucial for businesses running on marketplaces, eCommerce platforms, SaaS and even Cryptocurrency. It’s time, you make a checklist of compliances and get your business GDPR compliant.

The General Data Protection Regulation or GDPR is an EU data protection regulation that specifies how the data of the customers living in EU should be used and protected.

The regulation applies to all the organisation either operating in EU or outside EU which processes the data of EU customers.

The regulation has been termed as the basic data fundamental rights granted to citizens which gives them more control of their personal data. GDPR was adopted by the European Union on April 2016 and came into effect on 25th May 2018.

What changes with GDPR?

Before GDPR, there was the Directive 95/46/EC which protected the free movement of customer data. But with the fall of Safe Harbor Agreement in 2010 and revelations as made by Edward Snowden, EU decided to change the policies by making it more transparent.

Start your headless eCommerce
Find out More

Getting Your Marketplace Ready for GDPR
GDPR for Marketplaces

Being non-compliant to GDPR can have huge implications and can cost you up to 4% of global turnover or €20 million or whichever is greater. Below are the few compliance checklists that you can use to make your business GDPR compliant.

Transparent Privacy Policy

You ought to revise your privacy policy as per regulations keeping in adherence to Right to be Informed. List out the cookies collected by you when a customer comes on your Marketplace.

Mention information regarding what data you collect, to whom you share and how you use your customer personal data.

You can use Magento 2 Custom Registration Fields Extension to customise the policies on your Magento Store. Admin can go to Stores > Configuration > Webkul > Customer Terms & Conditions to configure the front-end view.


Take Customers Consent

GDPR hold its core importance on consent. You should allow customers to give consent for promotional emails and newsletters and allowing to positively opt-in for that. Provide checkboxes to opt-in for newsletters and agreeing to the privacy policy and terms & conditions.

Customers can go to their Customer Dashboard > Newsletter Subscription (Check/Uncheck).

Manage Customer Consent

Manage Consent List

Track your customer’s list who have given consent for your newsletters or promotional messages while signing up. To view the list go to Admin Dashboard > Marketing > Newsletters Subscribers.

Newsletters Subscribers

Cookie Management

The Right to Object to the processing of personal data and Right to be Informed, oblige you to mention the cookies to the customer you are capturing when they come to your store.

cookie banner should be displayed with the option to Agree or change settings to your customer.

Cookie Management

One such extension you can use for your Virtuemart marketplace is Joomla GDPR Compliance. After installing the extension, Admin can go to Components > GDPR Compliance > Cookie Settings (View Details) to configure the cookie and mention cookie list.


Exercise Data Rights

It’s important that you allow your customers to exercise data rights from customer dashboard. Data rights are one of the core changes made by EU in new Data Protection Regulation.

Exercise GDPR Rights

With the help of Prestashop GDPR Compliance module, you can easily allow customers to request for data deletion, rectification and downloading personal Data. Admin can set the configuration by going to Admin > Manage GDPR > GDPR General Configuration/Mail Configuration/Cookie Block.

GDPR Customer Data Management

Frequently Asked Questions

Keep your customers up to date with the most common questions and how they can access their data rights by creating a list of questions on your store. FAQs keep your customers remain acquainted with the GDPR changes on your store.

Accordion FAQ Front-end

You can use Accordion FAQ Extension to create FAQs on your Magento Store. Admin can go to their Admin Dashboard > WebkulAccordionFAQ > Add/Manage FAQ.

Accordion FAQs

Announce Updates and Re-Consent

The new users can now give you consent and see you policies before proceeding to buy something from your store but what about your old customers?

It’s very important that you should communicate with them about the changes and take a re-consent from them about continuing to receive your newsletters and promotional emails.

On you Magento Store, you can create Newsletters by going to Marketing > Newsletter Template to check out the existing template or create one.

Newsletter Templates

Put the specific newsletter in Queue from Action Column. Go to Marketing > Newsletter Queue, to check the status of the newsletter as sent or pending.

Newsletter In Queue

Let us know in comments what techniques you have used for making your store GDPR compliant.

Even better, we have made a dedicated Magento 2 GDPR extension with all the features you need to make your online store comply with EU laws and secure customer data.

For any query regarding GDPR modules, you can email us at [email protected]

. . .

Leave a Comment

Your email address will not be published. Required fields are marked*

Be the first to comment.

Back to Top

Message Sent!

If you have more details or questions, you can reply to the received confirmation email.

Back to Home